services / Kubernetes / RoleBindings
A RoleBinding is used to associate a Role with one or more principals (users, groups, or service accounts). It establishes a connection between a set of permissions defined in a Role and the entities that should have those permissions. Roles are scoped to a specific Kubernetes namespace.
Roles are only definitions of permissions. A role does not take effect unless assigned to principal via a RoleBinding.
rbac.authorization.k8s.io/rolebindings.delete
Deleting a RoleBinding removes the permissions of the Role from a list of principals
Risks
Scope: CRITICAL
This privilege may grant access to sensitive data from a significant fraction of organizational functions, allow interruption of critical organizational services, or its exploit could lead to significant privilege escalation.
Contributed by P0 Security